fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-03 17:22:20 +09:00
Code Issues Projects Releases Packages Wiki Activity

issue 1235 do not display email address in user information page

Browse source 
also, XSS defense in user information page


git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@10133 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ovclas 2012-02-20 08:34:28 +00:00
parent efe463161e
commit 023835f62e
3 changed files with 19 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
modules/member/member.view.php
View file

@ -65,6 +65,13 @@
unset($member_info->email_id);
unset($member_info->email_host);
if($logged_info->is_admin != 'Y' && ($member_info->member_srl != $logged_info->member_srl))
{
$start = strpos($member_info->email_address, '@')+1;
$replaceStr = str_repeat('*', (strlen($member_info->email_address) - $start));
$member_info->email_address = substr_replace($member_info->email_address, $replaceStr, $start);
}
if(!$member_info->member_srl) return $this->dispMemberSignUpForm();
Context::set('memberInfo', get_object_vars($member_info));